import {
  CanActivate,
  ExecutionContext,
  Injectable,
  UnauthorizedException,
} from '@nestjs/common';
import { Observable } from 'rxjs';
import { Auth } from './rule';

/**
 * 判断用户是不是超级管理员，只有超级管理员才有权限操作
 */

@Injectable()
export class AdminAuthGuard implements CanActivate {
  canActivate(
    context: ExecutionContext,
  ): boolean | Promise<boolean> | Observable<boolean> {
    const ctx = context.switchToHttp();
    const request = ctx.getRequest();
    const role = request?.managerInfo?.role || '';

    if (role === Auth.SUPER) {
      return true;
    }

    throw new UnauthorizedException('权限不够');
  }
}
